On 9/9/2024 10:16 AM, Derek Atkins wrote:
The GnuCash team, historically, have explicitly decided that GnuCash leave
encryption and other password protection to external tools and NOT perform
it internally. GnuCash is a financial tool, not a security tool.
A) Password protection IN THE APP would only provide a false sense of
security. This is OPEN SOURCE software. That means rather easy for an
attacker to compile their own version of gnucash (that ignored a wrong
password). Harder for an attacker with closed source, they would need
some special tools, but doable*.
B) The external tool/encrypted storage device done by people whose
specialty is security. One caveat --- do not trust you would have
security against a gov't. You would never know which encryption systems
they can crack (the spooks don't publish).
Michael D Novack
* In my working days, I've used a disassembler, a hex editor, and a tool
that mapped where in the code a running program was. In my case, nothing
nefarious, just things like lost source code << but it's our own
software -- need to make a change, need to recover human readable source
code so programmers can make future changes, etc. >>
_______________________________________________
gnucash-user mailing list
[email protected]
To update your subscription preferences or to unsubscribe:
https://lists.gnucash.org/mailman/listinfo/gnucash-user
-----
Please remember to CC this list on all your replies.
You can do this by using Reply-To-List or Reply-All.
